General
Target: 04cc88eaa4c768221e1089a76b7db6e3_JaffaCakes118
Size: 3.1MB
Sample: 240428-klgtlsbh77
MD5: 04cc88eaa4c768221e1089a76b7db6e3
SHA1: 345aa4c1a906c149d2546bdadc881366b1cf5e9f
SHA256: 66ff22370f9b958f52052b0762a2f34f63b84e19dc251628517cb51f3254b88a
SHA512: e6386e860fe856e831e96ab804e49eeddab6710c41eea372b424fd7df5239bde5727b9ba70695e287e8b94ca1869baf5483a307d0ccd3f05a4741a5aaad23984
SSDEEP: 49152:+UJ6ZNXox4SgJhBsfHJq/nCFT4Mv0Pt97f:+tR4xGnCtvwD
Static task: static1
Behavioral task: behavioral1
Sample: 04cc88eaa4c768221e1089a76b7db6e3_JaffaCakes118.exe
Resource: win7-20240221-en
Behavioral task: behavioral2
Sample: 04cc88eaa4c768221e1089a76b7db6e3_JaffaCakes118.exe
Resource: win10v2004-20240419-en
Malware Config
Targets
Score: 10/10
Modifies WinLogon for persistence
Modifies visibility of hidden/system files in Explorer
Executes dropped EXE
Loads dropped DLL
MITRE ATT&CK Matrix (ATT&CK v13)
Privilege Escalation
Boot or Logon Autostart Execution: 1
Winlogon Helper DLL: 1
Abuse Elevation Control Mechanism: 1
Bypass User Account Control: 1